test

Oracle Waveset Service Provider 8.1.1 Deployment

Struts Configuration File

Apache Struts drives the navigation between the sample User Interface pages. The Struts configuration file ($WSHOME/WEB-INF/spe/config/struts-config.xml ) defines all the navigation rules in the form of Struts action definitions. Action definitions typically contain path, type, and parameter attributes. Many definitions also contain one or more forward elements that indicate which page should be displayed next.

Specifying an Action Path

Pages that require authentication must specify the protected path in the path attribute of the appropriate action definition. For example, the following action definition for the ChangePassword page includes the same path specified in the protected-pages-path parameter in the web.xml file.

<action path="/spe/user/protected/ChangePassword" type="com.sun.idm.idmx.web.SelfServiceProcessFormAction" ...>

The login page does not require the user to be authenticated, so the path of the corresponding action does not include the protected directory:

<action path="/spe/user/Login" type="com.sun.idm.idmx.web.ProcessFormAction" ...>

Specifying an Action Type

The type parameter defines the class that performs the action. Some of the default actions refer to a Struts-defined subclass of the org.apache.struts.action.Action class. The following subclasses are provided with the sample user pages.

Class Name 

Description 

ProcessFormAction 

Allows access to the Waveset forms engine. This action can take a view handler class, a form name, and a page processor class (in that order) as parameters. See Specifying an Action Type for more information.

SelfServiceProcessFormAction 

A subclass of ProcessFormAction that is used for self-service operations, such as changing passwords or user IDs. 

RelayAction 

Redirects the client to a page after the user has acknowledged a successful operation result, such as a successful password change. Since all confirmation pages use a single content tile (OperationResult.jsp), an action forward name is set in a hidden field when the content tile is generated. See OperationResult Relay Definition for more information.

LogoutAction 

Invalidates the current user session. 

Specifying Action Parameters

The parameter attribute defines arguments that are passed to the class specified in the type attribute. If the type attribute is ProcessFormAction or SelfServiceProcessFormAction class, then the value may contain the following options, none of which are mandatory. The options must be specified in the order listed and be separated by commas.

  1. The viewer class, such as IDMXUser or IDMXLookupUsername.

  2. The form name or ID.

  3. The page processor class.

    Each of these options are described below.

    If the action type is a class other than ProcessFormAction or SelfServiceProcessFormAction, then the value specified in the parameter attribute must match the requirements of the class.

  4. The string secure.

    This parameter is optional. If it is specified, the server always processes page requests using HTTPS.

Viewer Classes

The following viewer classes may be specified if the type attribute is ProcessFormAction or SelfServiceProcessFormAction class:

Forms

The form argument may contain a form defined in Waveset. If no form is specified, viewer class uses the default form.

Page Processors

The default page processor is com.waveset.ui.util.GenericEditForm class. The IDMXUserForm class, a subclass of GenericEditForm , is a custom page processor that allows sending email notifications. Email notifications can be enabled or disabled for each in the sample end user pages. In turn, the IDMXUserForm has the following subclasses:

Subclass 

Description 

ChangeAuthenticationAnswersForm 

If email notification is enabled and the authentication answers have been successfully updated, then an email is sent to the user using the “Service Provider End-User Authentication Answers Updated” template. The class also records an appropriate audit event. 

ChangeNotificationsForm 

If email notification is enabled and the notification address has been successfully updated, then emails are sent to both the old and the new address using “Service Provider End-User Change Notifications” and “Service Provider End-User Change Notifications Old Address” template respectively. The class also records an appropriate audit event. 

ChangePasswordForm 

If email notification is enabled and the password has been successfully changed, then an email is sent to the user using the “Service Provider End-User Change Password” template. The class also records an appropriate audit event. 

ChangeUserIdForm 

If email notification is enabled and the user name has been successfully changed, then an email is sent to the user using the “Service Provider End-User Change User Id” template. The class also records an appropriate audit event. 

EnrollmentForm 

If email notification is enabled and registration has been successfully completed, then an email is sent to the user using the template “Service Provider End-User Registration Template”. 

ResetPasswordForm 

If the password.reset-mode attribute in the SPEUserPages object is set to self, then when the user answers all the required authentication questions, the password is reset with this class.

The following table lists the additional subclasses of GenericEditForm.

Subclass 

Description 

UserQuestionForm 

This page processor class is used when the user forgets his password and attempts to login using authentication questions. If email notification is enabled and authentication questions has been successfully answered, then an email is sent to the user using the template “ 

LoginForm 

LoginForm adds the errors the AuthFilter encountered to the login page. 

In the following example, a view handler and a custom form are specified, but no page processor class is set. (The default GenericEditForm class processes this page.)

<action path="/spe/user/ForgotUsername"
type="com.sun.idm.idmx.web.ProcessFormAction"
parameter="IDMXLookupUsername,#ID#UserForm:IDMXForgotUsernameForm,">

The following example shows an action with a view handler (IDMXUserQuestion ) and a page processor (UserQuestionForm) specified, but no form name was given. The view handler will use the default form:

<action path="/spe/user/LoginWithQuestions"
type="com.sun.idm.idmx.web.ProcessFormAction"
parameter="IDMXUserQuestion,,com.sun.idm.idmx.web.UserQuestionForm">

Secure Connections

The secure parameter forces the server to use HTTPS regardless of the last action's response. Add this parameter as the fourth parameter to force the action to use HTTPS:

<action path="/spe/user/Login" type="com.sun.idm.idmx.web.ProcessFormAction"
parameter="IDMXNoop,#ID#UserForm:IDMXLoginForm,com.sun.idm.idmx.web.LoginForm,secure">
        <forward name="success" path=".page.Login"/>
        <forward name="post" path="/spe/user/Login.do" />
        <forward name="next" path="/spe/user/protected/Home.do?newView=true" />
        <forward name="cancel" path="/spe/user/Login.do" />
</action>

If your servers do not use port 80 for HTTP or port 443 for HTTPS, modify WEB-INF/web.xml to include the following context parameters:

<context-param>
    <param-name>listenPort_http</param-name>
    <param-value>7001</param-value>
</context-param>

<context-param>
    <param-name>listenPort_https</param-name>
    <param-value>7002</param-value>
</context-param>

The above code sample tells Struts to use port 7001 for HTTP and port 7002 for HTTPS.

Assigning Navigation Logic

The forward elements in the action definitions tie the sample pages together. The following table lists the most commonly used forward definitions:

Name 

Description 

success 

Specifies the page to display if there is no error processing the action. 

post 

Posts the form to the specified location. 

next 

Specifies the action to take after a successful form posting,. 

cancel 

Specifies the action to take if a user clicks a cancel button on a form.